Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ICR (IBM Cloud Container Registry) CRN should be available on a datasource. #5006

Closed
lionelmace opened this issue Dec 20, 2023 · 4 comments
Closed

ICR (IBM Cloud Container Registry) CRN should be available on a datasource. #5006

lionelmace opened this issue Dec 20, 2023 · 4 comments
Labels
enhancement service/Container Registry Issues related to Container Registry

Comments

@lionelmace
Copy link

Community Note

  • Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
  • Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment

Description

ICR (IBM Cloud Container Registry) CRN should be available on a datasource.

To create a VPE (Virtual Private Endpoint) for ICR via terraform you have to pass the CRN crn:v1:bluemix:container-registry:eu-de:::endpoint:de.icr.io.
I want to be able retrieve this CRN dynamically on a datasource based on the region.
Today, there is no terraform datasource to do so.

resource "ibm_is_virtual_endpoint_gateway" "vpe_icr" {

  name           = "${local.basename}-icr-vpe"
  resource_group = ibm_resource_group.group.id
  vpc            = ibm_is_vpc.vpc.id

  target {
    crn           = "crn:v1:bluemix:public:container-registry:eu-de:::endpoint:de.icr.io"
    resource_type = "provider_cloud_service"
  }

  # one Reserved IP for per zone in the VPC
  dynamic "ips" {
    for_each = { for subnet in ibm_is_subnet.subnet : subnet.id => subnet }
    content {
      subnet = ips.key
      name   = "${ips.value.name}-ip"
    }
  }
}
  • #0000
@github-actions github-actions bot added the service/VPC Infrastructure Issues related to the VPC Infrastructure label Dec 20, 2023
@lionelmace
Copy link
Author

To my mind, this is really something ICR should provide as a datasource named something like ibm_cr_settings

Look at Activity Tracker settings for instance https://registry.terraform.io/providers/IBM-Cloud/ibm/latest/docs/resources/atracker_settingsAnyway

@astha-jain astha-jain added service/Container Registry Issues related to Container Registry and removed service/VPC Infrastructure Issues related to the VPC Infrastructure labels Jan 8, 2024
@shemau
Copy link

shemau commented Jan 11, 2024

From a user, not the development team.

A VPE gateway requires a target. The data source for targets is ibm_is_endpoint_gateway_targets. This provides a set of targets that are available (based on your provider region configuration).

@lionelmace
Copy link
Author

Exactly what I was looking for. Thanks @shemau.

Here is a full sample to configure VPE for ICR

# VPE (Virtual Private Endpoint) for Container Registry
##############################################################################

resource "ibm_is_virtual_endpoint_gateway" "vpe_icr" {

  name           = "${local.basename}-icr-vpe"
  resource_group = ibm_resource_group.group.id
  vpc            = ibm_is_vpc.vpc.id

  target {
    crn           = local.icr_target.crn
    resource_type = local.icr_target.resource_type
  }

  # one Reserved IP for per zone in the VPC
  dynamic "ips" {
    for_each = { for subnet in ibm_is_subnet.subnet : subnet.id => subnet }
    content {
      subnet = ips.key
      name   = "${ips.value.name}-ip-icr"
    }
  }

  tags = var.tags
}

data "ibm_is_endpoint_gateway_targets" "example" {
}

locals {
  icr_target = data.ibm_is_endpoint_gateway_targets.example.resources[
    index(data.ibm_is_endpoint_gateway_targets.example.resources.*.name, "registry-eu-de-v2")]
}

output "icr_target_crn" {
  value = local.icr_target.crn
}

@lionelmace
Copy link
Author

Resolved

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement service/Container Registry Issues related to Container Registry
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@lionelmace @astha-jain @shemau